Almost 1-in-5 (18-percent) of businesses experienced a distributed denial-of-service attack within a year-long timeframe, according to the Global IT Security Risks Survey 2014—Distributed Denial of Service (DDoS) Attacks from Kaspersky Labs and B2B International. The data applies to the period from April 2013 to May 2014. The survey’s 3,900 respondents represented very small to very large companies from 27 countries.

According to the same survey, on average, 61 percent of businesses felt it was the responsibility of their own IT departments and management teams to defend them against DDoS attacks. Twenty-one percent of those surveyed believed it was the responsibility of their network service provider or their website/hosting provider to protect them from the threat of Distributed Denial of Service.

“Large businesses were much more likely to rely on internal resources, whereas small businesses were more likely to expect help from these external service providers,” the Kaspersky / B2B International survey said. But none of these entities, neither NSPs, web hosts, IT departments, nor enterprise management teams are necessarily equipped to mitigate DDoS attacks.

Damages per DDoS incident range up to $444,000, according to the survey data. It will surely pay enterprises to adjust their assumptions about who should fight DDoS attacks and to take other action.